Tod Beardsley (GCIA) |

Objective

With over ten years of experience, I'm always seeking new challenges in information security. My background is strongly based in intrusion prevention, vulnerability assessment and identification, team management, anti-fraud/anti-phishing countermeasures, intrusion detection and response, protocol analysis, and "bastion" host hardening.

Selected Publications

"Monkeyspaw: The Greasemonkey Security Professional's Automated Webthinger" (Code) 4 August, 2006
URL: http://www.planb-security.net/userscripts/#monkeyspaw

"Phishing Detection and Prevention: Practical Counter-Fraud Solutions" 15 August, 2005.
URL: http://www.planb-security.net/wp/503167-001_PhishingDetectionandPrevention.pdf

"Evolution of Phishing Attacks" 20 December, 2004.
URL: http://www.antiphishing.org/Evolution%20of%20Phishing%20Attacks.pdf

"Snacktime: A Perl Solution for Remote OS Fingerprinting." (Code) 22 June, 2003.
URL: http://www.planb-security.net/wp/snacktime.html

"Chapter 13: Windows 2000 Bastion Hosts." Building DMZs for Enterprise Networks.
Syngress Publishing (Shinder, Shimonski, et al.) May, 2003.

"Intrusion Detection and Analysis: Theory, Techniques, and Tools." 8 May, 2002.
URL: http://www.giac.org/practical/Tod_Beardsley_GCIA.pdf

Work Experience

BreakingPoint Systems | Austin, TX
(February, 2008 - Present)

Security Researcher for BreakingPoint's Strike Team

Research and Develop BreakingPoint AppSim modules for popular Internet protocols

TippingPoint Technologies, a division of 3Com | Austin, TX
(July, 2004 - February, 2008)

Senior Engineer for TippingPoint's DVLabs

Lead counter-fraud engineer, responsible for R&D for anti-phishing product enhancements

Produced exploit and vulnerability filters for the TippingPoint IPS product line

Provided third-level support and expertise to external customers and internal QA/Sales teams

Dell, Inc. | Austin, TX
(August, 2000 - July, 2004)

Lead intrusion detection analyst and engineer

Develop methods and tools for global penetration testing

Architect and deploy global vulnerability scanning and reporting infrastructure

Research, publish, and present enterprise standards for system host hardening

Vendor relations and management for enterprise security products

Source W (a Westinghouse company) | Trafford, PA
(November, 1999 - August, 2000)

Manager of first level IT support and asset management team

Maintain and expand entire networked environment and services

Backup and recovery for all company and personal data

Develop alerting infrastructure for all servers and network devices

Angstrom, Inc. | Pittsburgh, PA
(February, 1998 - November, 1999)

Secure baseline ISP services (SMTP, NNTP, IRC, customer web sites)

Onsite network and security consulting for small business customers

Telerama Public Access Internet | Pittsburgh, PA
(October, 1997 - February, 1998)

Day-to-day ISP customer and service support

Speaking Experience

TippingPoint DVCast, 2006-2008
"Weekly Digital Vaccine Podcat," a technical podcast for TippingPoint DV subscribers.

Black Hat Briefings, 2006
"Investigating Evil Websites with Monkeyspaw: The Greasemonkey Security Professional's Automated Webthinger"

RSA Conference, 2006
"Phishing: Defensive Strategies and Countermeasures"

SummerCon, 2005
"Trolling for Skank: A Phishing Primer"

Missouri State Bankers' Symposium, 2005 "Directions in Online Fraud"

Other Professional Distinctions

Founding Member of Austin Hackers Anonymous!

2005 Nominee for 3Com's "Innovator of the Year" award

Charter member of the Anti-Phishing Working Group (APWG)
http://antiphishing.org

Former advisory board member of the GIAC Certified Intrusion Analyst program (GCIA)
http://www.giac.org/GCIA_board.php

Occasional on-air security expert on KVUE-TV in Austin, TX

Civic Positions

Travis County Election Judge, 2004 - Present

Vice-President and Director of Sarah's Creek Homeowners Association, Inc. 2007 - Present

Education

University of Redlands

Major field of study: Pre-Law (1992)